No matter how you like to participate in developer communities, Pulumi wants to meet you there. If you want to meet other Pulumi users to share use-cases and best practices, contribute code or documentation, see us at an event, or just tell a story about something cool you did with Pulumi, you are part of our community.

Pulumi Community

I can get it by running `az keyvault certificate show --vault &lt;vault&gt; -n &lt;certName&gt; --query "x509ThumbprintHex" -o tsv`

what would be the easiest way to do the same in Pulumi?

Oo, just found `Pulumi.Command` had a stdout. Resolves my issue.

```var getThumb = new Command("getThumb", new CommandArgs
{
    Create = "az keyvault certificate show --vault $VAULT -n $NAME --query \"x509ThumbprintHex\" -o tsv",
    Environment =
    {
        { "NAME", certName },
        { "VAULT", vault.Name },
    },
});   ```


Retrieving the values of secrets, including certs, is not available through Pulumi since this is a data-plane operation. See this (pretty hidden) note on <https://www.pulumi.com/registry/packages/azure-native/api-docs/keyvault/getsecret/#secretpropertiesresponse>:

&gt; Users should use the data-plane REST service for interaction with vault secrets.
Glad you found another way. Using the Azure SDK would be another one.

Makes sense. And thanks for the tip on Azure SDK — I guess that makes a lot more sense that parsing stdout :smile: